When a user submits a form, the same record may be repeatedly inserted into the database due to the speed of the network or the malicious refreshing of the webpage. This is a tricky problem. We can start with the client and the server to avoid repeated submission of the same form.
1. Use client scripts
When it comes to client scripts, JavaScript is often used for regular input verification. In the following example, we use it to process the repeated submission of forms. Please refer to the following code:
<Form method = "Post" name = "register" Action = "test. php" enctype = "multipart/form-Data">
<Input name = "text" type = "text" id = "text"/>
<Input name = "Cont" value = "Submit" type = "button"
Onclick = "document. Register. Cont. value = 'submitting. Please wait ...';
Document. Register. Cont. Disabled = true; document. the_form.submit (); ">
</Form>
After you click the submit button, the button becomes unavailable, as shown in Figure 5-6.
In the above example, The onclick event is used to detect the user's submission status. If you click the submit button, the button is immediately set to invalid. You cannot click the button to submit again.
Another method is to use JavaScript, but the onsubmit () method is used. If a form has been submitted once, the dialog box is displayed immediately. The Code is as follows:
<Script language = "JavaScript">
<! --
VaR submitcount = 0;
Function submitonce (form ){
If (submitcount = 0 ){
Submitcount ++;
Return true;
} Else {
Alert ("operation in progress. Please do not submit it again. Thank you! ");
Return false;
}
}
// -->
</SCRIPT>
<Form name = "the_form" method = "Post" Action = "" onsubmit = "Return submitonce (this)">
<Input name = "text" type = "text" id = "text"/>
<Input name = "Cont" value = "Submit" type = "Submit">
</Form>
In the preceding example, if the user has clicked the submit button, the script automatically records the current status and adds the submitcount variable to 1. When the user tries to submit again, the script determines that the value of the submitcount variable is non-zero and prompts the user that the submitcount variable has been submitted to avoid repeated forms.
2. Use cookies for processing
Use cookies to record the status of the Form submission. You can check whether the form has been submitted based on its status. See the following code:
<? PHP
If (isset ($ _ post ['Go']) {
Setcookie ("tempcookie", "", time () + 30 );
Header ("Location:". $ _ server [php_self]);
Exit ();
}
If (isset ($ _ cookie ["tempcookie"]) {
Setcookie ("tempcookie", "", 0 );
Echo "you have submitted a form ";
}
?>
If the client disables the cookie, this method does not have any effect. Please note that. For more information about cookies, see Chapter 10th "PHP session management ".
3. Use session Processing
Using the PHP session function, you can avoid repeated forms. The session is stored on the server. During PHP running, you can change the session variable.
Therefore, you can use a session variable to record the value submitted in the form. If the value does not match, it is considered that the user is submitting the data repeatedly. See the following code:
<? PHP
Session_start ();
// Generate a random number based on the current session
$ Code = mt_rand (usd00 );
$ _ Session ['code'] = $ code;
?>
The random number is passed as a hidden value on the page form. The Code is as follows:
<Input type = "hidden" name = "originator" value = "<? = $ Code?> ">
The PHP code on the receiving page is as follows:
<? PHP
Session_start ();
If (isset ($ _ post ['originator']) {
If ($ _ post ['originator'] = $ _ session ['code']) {
// The statement for processing the form, omitted
} Else {
Echo 'Please do not refresh this page or submit the form again! ';
}
}
?>
For details about the session content, we will discuss in Chapter 10th "PHP session management". You can refer to this chapter directly and then return to this section to continue reading.
4. Use the header function to redirect
In addition to the above method, there is also a simpler method, that is, when the user submits the form, the server immediately redirects to other pages after processing, the Code is as follows.
If (isset ($ _ post ['action']) & $ _ post ['action'] = 'submitted '){
// Process the data. For example, after inserting the data, immediately go to another page.
Header ('location: submits_success.php ');
}
In this way, even if you use the refresh key, the form will not be submitted repeatedly because the page has been switched to a new page, and the page script has ignored any submitted data.
5.8.4 handling of form expiration
During the development process, forms often encounter errors and all information filled in when the page is returned is lost. To support page bounce, you can use either of the following methods.
1. Use the header to set the Cache control header cache-control.
Header ('cache-control: private, must-revalidate'); // supports page Jump back
2. Use the session_cache_limiter method.
Session_cache_limiter ('Private, must-revalidate'); // before session_start
The following code snippet prevents users from entering the form from being cleared when they click the submit button to return the result:
Session_cache_limiter ('nocache ');
Session_cache_limiter ('private ');
Session_cache_limiter ('public ');
Session_start ();
// The following is the form content, so that the content already filled in will not be cleared when the user returns the form
Paste this code to the top of the script to be applied.
Cache-Control Message Header domain description
Cache-control specifies the cache mechanism that requests and responses follow. Setting cache-control in a request message or response message does not modify the cache processing process of another message.
The cache commands for the request include no-cache, no-store, Max-age, Max-stale, Min-fresh, and only-if-
Cached. commands in the Response Message include public, private, no-cache, no-store, no-transform, and must-
Revalidate, proxy-revalidate, and Max-age. The command meanings of each message are shown in Table 5-3.
Cache command
Description
Public
Indicates that the response can be cached in any cache area.
Private
Indicates that the whole or part of the response message of a single user cannot be processed by the shared cache. This allows the server to describe only part of the user's response message, which is invalid for requests of other users.
No-Cache
Indicates that the request or response message cannot be cached.
No-store
Used to prevent unintentional release of important information. Sending a request message does not cache the request and response messages.
Max-age
Indicates that the client can receive responses with a lifetime not greater than the specified time (in seconds ).
Min-fresh
Indicates that the client can receive a response whose response time is earlier than the current time plus the specified time.
Max-stale
Indicates that the client can receive response messages beyond the timeout period. If the value of the Max-stale message is specified, the client can receive the response message beyond the timeout period.
For more information about session and cookie, see Chapter 10th "PHP session management ".
5.8.5 skills for determining form actions
The form can be allocated with the action to be processed through the same program. There are different logics in the form. How to identify the content of the button pressed by the user is just a small problem.
In fact, you only need to know the name of the submit button. When a form is submitted, only the button of the submit type is pushed to the form array, so you only need to determine the button value to know which button the user presses. take the following form as an example:
<Form method = "Post" Action = test. php>
<Input type = submit name = "BTN" value = "A">
<Input type = submit name = "BTN" value = "B">
</Form>
When the user presses the "A" button, BTN = A. When the "B" button is pressed, BTN = B.
You can also use the name of the submit button. See the following code:
<Form method = "Post" Action = test. php>
<Input type = submit name = "A" value = "Submit a">
<Input type = submit name = "B" value = "Submit B">
</Form>
In this way, as long as the post/get parameter contains A or B, you can know which button is pressed.
<? PHP
Print_r ($ _ post );
?>
This article from the csdn blog, reproduced please indicate the source: http://blog.csdn.net/jeff1987/archive/2009/09/07/4527413.aspx